VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Vulnerabilities (2,432)

  • CVE-2023-35828HigJun 18, 2023
    affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

  • CVE-2023-35827HigJun 18, 2023
    affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1

    An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c.

  • CVE-2023-35823HigJun 18, 2023
    affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1

    An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.

  • CVE-2023-35788HigJun 16, 2023
    affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

  • CVE-2023-3268HigJun 16, 2023
    affected < 5.14.21-150500.33.14.1fixed 5.14.21-150500.33.14.1

    An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.

  • CVE-2023-3161MedJun 12, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.

  • CVE-2023-3141HigJun 9, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

  • CVE-2023-3111HigJun 5, 2023
    affected < 5.14.21-150500.33.6.1fixed 5.14.21-150500.33.6.1

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

  • CVE-2023-2985MedJun 1, 2023
    affected < 5.14.21-150500.33.11.1fixed 5.14.21-150500.33.11.1

    A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.

  • CVE-2023-3006MedMay 31, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer

  • CVE-2023-2002MedMay 26, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil

  • CVE-2023-0459MedMay 25, 2023
    affected < 5.14.21-150500.33.14.1fixed 5.14.21-150500.33.14.1

    Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commi

  • CVE-2023-33288MedMay 22, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.

  • CVE-2023-1859MedMay 17, 2023
    affected < 5.14.21-150500.33.20.1fixed 5.14.21-150500.33.20.1

    A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.

  • CVE-2023-2124HigMay 15, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2023-21106HigMay 15, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kern

  • CVE-2023-21102HigMay 15, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr

  • CVE-2023-28410HigMay 10, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-2156HigMay 9, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create

  • CVE-2023-2513MedMay 8, 2023
    affected < 5.14.21-150500.33.3.1fixed 5.14.21-150500.33.3.1

    A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

Page 118 of 122